While trying to figure out whether a completely anonymous disclosure was possible, I began to question whether it was worth the trouble at all. I had no obligation to report anything, after all. But if someone had discovered an equally nasty bug in Bitcoin Core, I would hope that person would bring it to our attention as discreetly and securely as possible. So I decided to do exactly that: create the report I would want to read, and deliver it as I would want to receive it.

Consider one specific match of football and only that one specific match. If you want to win that match you should do absolutely everything you can to win. Pretty simple. Nothing else to really think about since it a low resolution view of the world.

Now consider one specific match of football in the context of the game of football matches. Suddenly you should not do absolutely everything to win that one specific match. Maybe you...

should be a little more careful so yourself, other teammates, and opposing teammates aren't harmed. If you get injured you might never play again.

should not cheat or at least take significantly less risk to do so. After all, eventually you will get caught.

should optimize the team for more wins overall at the cost of a specific match. Your weaker team mates can get more experience for more wins later.

If your level of analysis is just the match war between bitcoin and some specific shitcoin called bcash, then you should do absolutely everything you can to destroy bcash. It is pretty simple really. Not only don't help secure their code but also consider exploiting their vulnerability. Why not. It is obviously the correct thing to do.

Now consider a level of analysis not between bitcoin and one specific shitcoin but between bitcoin and all shitcoins. Now what about a level of analysis of bitcoin against not just other shitcoins but all other threats like software bugs, state actors, changes to technology, etc. But wait. What about a level of analysis where you consider bitcoin not only against all threats but all threats that currently exist and those that will ever exist.

If you are at that level you don't really care that much about the shitcoin of the day and you engage in things that are good across time such as trying to make all software more secure and foster an environment where developers are encouraged to help one another.

BCash is a scam that fucks over all its users as well as fucking over the entire crypto ecosystem with massive injection of misinformation. Creating an environment hostile and extremely confusing for new investors.

Usually when people say "If ________ has the ability to seriously damage bitcoin then bitcoin doesn't deserve to live", it's based on an extremely weak foundational premise. You're also overselling the principle of antifragility. You can ingest small amounts of poison to become immune to doses which would normally kill you, but it doesn't mean you are completely immune.

“So, suspecting that Nero had a contract on her, she got herself Mithridatized against the poisons that would have been available to her son’s underlings. Like Mithridates, Agrippina eventually died by more mechanical methods as her son (supposedly) had assassins slay her, thus providing us with the small but meaningful lesson that one cannot be robust against everything. And, two thousand years later, nobody has found a method for us to get “fortified” against swords.”

In this case I feel that bcash did exactly what bitcoin was designed to resist. Someone tried to publish invalid blocks and call them bitcoin. It's exactly the kind of thing the consensus exists to prevent, and it did. Now a malicious site claims to be bitcoin central and that's also something that can be prevented by following best practices regarding software signature checks and to verify the blockchain in your own node.

The only legitimacy bcash has is that people here keeps talking about it as if it's a serious rival and not a small eccentric splinter.

Keep in mind this is a reddit comment and not a full article so take these as jumping points to research further.

On the technical side: BCH has less than 10% of the Bitcoin hashrate. This single fact means that you have to trust that miners do not attack the BCH chain for profit. BCH can be 51% attacked with about 10% of BTC hashrate, several pools could singlehandedly destroy BCH. For this reason BCH cannot be considered trustless, permissionless, immutable, or finite. A small minority of miners can do whatever they want with the protocol. Infinite inflation, block transactions, go back and rewrite blocks, etc.

Because the BCH roadmap is to increase blocksize prior to running into limits without concern for node operators, only miners will even be able to validate the blockchain in the future. That removes another layer of trustlessness. And because the blocksize will always be increased before running into limits there will be no pressure to develop 2nd layers like the Lightning network.

Because BCH chose not to fix transaction malleability they will not be able to simply drop in developments made on Bitcoins 2nd layers, and they are already demonstrating their technical incompetence in simply keeping the chain from splitting.

There's more but moving onto the social side of the scam:

BCH promoters lie. They lie constantly about things that can be independently verified.

BCH supporters say they follow Satoshis vision and the white paper, but they conveniently ignore Nakamoto Consensus outlined in the white paper which says that when there is a dispute over which chain is the real Bitcoin it is determined by the chain with the most accumulated work. The white paper clearly states that BTC IS Bitcoin, yet they go around spreading market confusion.

They lie about transaction speed and costs. BCH might be cheaper, but it's never faster. They have 10min block times too. It might cost you more to get in the next block on BTC but you always can. They say 0 confirm are safe on BCH and not BTC when they are equally unsafe on btc and bch.

They rally behind known sociopaths, particularly CSW. How they can support a person who claimed they were Satoshi and claimed they could prove it and then threw a temper tantrum when he couldnt prove it, that is beyond me.

Then politically:

The flippening. The entire bch narrative focuses on tearing bitcoin down rather than building BCH up. It is their stated goal to destroy Bitcoin. They are using all arsenal at their disposal to do so, adding market confusion by using bitcoindotcom to promote BCH and RIP on BTC, using Bitcoin Twitter handle, and going around making shady deals with corporations to try to overthrow Bitcoin.

Just use this info as jumping points. The BCH scam is the biggest in this ecosystem.

I can see far more flaws now in BCH as a whole. I'm still not comfortable calling it a scam. Even with all the evidence you provide, I couldn't conclude there's obvious misconduct despite obvious negligence.

I was playing devil's advocate but yes; people in the skeptic community use a technique called steelmanning; making the strongest argument on behalf of antivaxxer and then showing why it's still wrong.

Sure, that works. The level of harm to some would be vary. Some just 1st degree in the finger; a few bucks gone. Some, 3rd degree facial burns kinda stuff; utter financial ruin, homelessness, etc. I do like your analogy though.

What he COULD have done is made the community and world aware of a massive flaw in this scam coin - damaged its credibility further - and allowed the incompetent Bcashers to find the problem themselves.

The fact that such a huge vulnerability wasn't even spotted by their own team and that the competition had to point it out to them and save them from their own errors, is enough to demonstrate the shitcoin-ness of their project.

This is not the he first time a core developer has saved an altcoin’s bacon. It is a tough moral dilemma to be honest. Projects like BCash and IOTA have very questionable dev teams and dev practices and each time they are thrown a lifeline by luck, they get to evade the consequences of being sloppy without actually cleaning up their act. This is bad for future users of their systems, who will eventually become the victims of such sloppiness.

Personally I think it should have been exploited. After the incessant and rampant attacks BCH have thrown towards BTC, they deserve all the chances to be anti-fragile they can get. If they can't survive they don't deserve to exist.

More interesting was how they patched it: By covertly distributing a binary to their few friends (pool operators), which reverted to the old rules. In other words, they secretly and instantly (less than one week) deployed a hard fork.

Correct. It was v0.17 that introduced an accidental hardfork. The secretly deploy, v0.17.1 was a softfork for that.

Still, small miners that got "ignored" and went on with v0.17 were at risk of getting their blocks invalidated and, anyway, they might have wasted hash cycles. Basically, if you are Bcash miner, you should mine at one of Jihan's pools.

serious question: how would this bug, had it not been fixed, affected BCH price?

flippant answer: depends on which bitcoin cash chain you are talking about.

Slightly more serious answer: It would have been fairly catastrophic on a technical level, there is a large chance that there could have been two chains with different UTXO's (People Balances) with absolutely no way of merging them back together in a way that everyone was made whole.

How would that affect the price? I have no idea, I don't think it would have been good though.

Remember: the bcash network has very very few nodes, and the mining nodes are all running the same version. Unless there is some diversity in mining bcash, you cant really hope to be able to split the network.

So this particular bug was more useful as a publicity stunt than an actual attack.

Even if you do fork their network, as a centralized shitcoin bcash can more easily hard fork or redirect hashpower even if the network is split 7 ways. For them, hardforks are not a big deal; when you are already a junkie whats one more needle?

The only real attack on bcash will be a massive double spend which cannot be reversed, because the funds will have been exchanged to the real blockchain. Its coming soon enough, dont worry. Then it dies.

A community dedicated to Bitcoin, the currency of the Internet. Bitcoin is a distributed, worldwide, decentralized digital money. Bitcoins are issued and managed without any central authority whatsoever: there is no government, company, or bank in charge of Bitcoin. You might be interested in Bitcoin if you like cryptography, distributed peer-to-peer systems, or economics. A large percentage of Bitcoin enthusiasts are libertarians, though people of all political philosophies are welcome.

Begging/asking for bitcoins is absolutely not allowed, no matter how badly you need the bitcoins. Only requests for donations to large, recognized charities are allowed, and only if there is good reason to believe that the person accepting bitcoins on behalf of the charity is trustworthy.

News articles that do not contain the word "Bitcoin" are usually off-topic. This subreddit is not about general financial news.

Submissions that are mostly about some other cryptocurrency belong elsewhere. For example, /r/CryptoCurrency is a good place to discuss all cryptocurrencies.

Promotion of client software which attempts to alter the Bitcoin protocol without overwhelming consensus is not permitted.

No referral links in submissions.

No compilations of free Bitcoin sites.

r/Bitcoin Rules

1.

No malicious content

2.

No trolling

3.

No begging

4.

Avoid repetition

5.

The primary topic is Bitcoin

6.

Do not promote contentious hard forks

7.

Do not promote altcoins

8.

No URL shorteners or referrals

9.

No faucets

10.

No trading

Download Bitcoin Core

Bitcoin Core is the backbone of the Bitcoin network. Almost all Bitcoin wallets rely on Bitcoin Core in one way or another. If you have a fairly powerful computer that is almost always online, you can help the network by running Bitcoin Core. You can also use Bitcoin Core as a very secure Bitcoin wallet.